mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-24 23:41:10 +00:00
SSL_TLS doesn't depend on PK any more
(But PK does depend on RSA or ECP.)
This commit is contained in:
Manuel Pégourié-Gonnard
parent
34ced2dffe
commit
1a483833b3
|
|
@ -1194,11 +1194,12 @@
|
||||||
* Enable the generic public (asymetric) key layer.
|
* Enable the generic public (asymetric) key layer.
|
||||||
*
|
*
|
||||||
* Module: library/pk.c
|
* Module: library/pk.c
|
||||||
* Caller: library/x509parse.c
|
* Caller: library/ssl_tls.c
|
||||||
* library/ssl_tls.c
|
|
||||||
* library/ssl_cli.c
|
* library/ssl_cli.c
|
||||||
* library/ssl_srv.c
|
* library/ssl_srv.c
|
||||||
*
|
*
|
||||||
|
* Requires: POLARSSL_RSA_C or POLARSSL_ECP_C
|
||||||
|
*
|
||||||
* Uncomment to enable generic public key wrappers.
|
* Uncomment to enable generic public key wrappers.
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_PK_C
|
#define POLARSSL_PK_C
|
||||||
|
|
@ -1385,7 +1386,7 @@
|
||||||
* Caller: library/ssl_cli.c
|
* Caller: library/ssl_cli.c
|
||||||
* library/ssl_srv.c
|
* library/ssl_srv.c
|
||||||
*
|
*
|
||||||
* Requires: POLARSSL_CIPHER_C, POLARSSL_PK_C, POLARSSL_MD_C
|
* Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C
|
||||||
* and at least one of the POLARSSL_SSL_PROTO_* defines
|
* and at least one of the POLARSSL_SSL_PROTO_* defines
|
||||||
*
|
*
|
||||||
* This module is required for SSL/TLS.
|
* This module is required for SSL/TLS.
|
||||||
|
|
@ -1708,7 +1709,7 @@
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
|
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
|
||||||
!defined(POLARSSL_PK_C) || !defined(POLARSSL_MD_C) )
|
!defined(POLARSSL_MD_C) )
|
||||||
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
|
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -649,8 +649,10 @@ struct _ssl_context
|
||||||
/*
|
/*
|
||||||
* PKI layer
|
* PKI layer
|
||||||
*/
|
*/
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
pk_context *pk_key; /*!< own private key */
|
pk_context *pk_key; /*!< own private key */
|
||||||
int pk_key_own_alloc; /*!< did we allocate pk_key? */
|
int pk_key_own_alloc; /*!< did we allocate pk_key? */
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||||
x509_crt *own_cert; /*!< own X.509 certificate */
|
x509_crt *own_cert; /*!< own X.509 certificate */
|
||||||
|
|
@ -1493,8 +1495,11 @@ int ssl_write_finished( ssl_context *ssl );
|
||||||
|
|
||||||
void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info );
|
void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info );
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
unsigned char ssl_sig_from_pk( pk_context *pk );
|
unsigned char ssl_sig_from_pk( pk_context *pk );
|
||||||
pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
|
pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
|
||||||
|
#endif
|
||||||
|
|
||||||
md_type_t ssl_md_alg_from_hash( unsigned char hash );
|
md_type_t ssl_md_alg_from_hash( unsigned char hash );
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
|
|
|
||||||
|
|
@ -197,7 +197,9 @@ const int *ssl_list_ciphersuites( void );
|
||||||
const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name );
|
const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name );
|
||||||
const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id );
|
const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id );
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
|
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
|
||||||
|
#endif
|
||||||
|
|
||||||
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
|
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -972,6 +972,7 @@ int ssl_get_ciphersuite_id( const char *ciphersuite_name )
|
||||||
return( cur->id );
|
return( cur->id );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
|
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
|
||||||
{
|
{
|
||||||
switch( info->key_exchange )
|
switch( info->key_exchange )
|
||||||
|
|
@ -989,6 +990,7 @@ pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
|
||||||
return( POLARSSL_PK_NONE );
|
return( POLARSSL_PK_NONE );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
|
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -888,7 +888,9 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
||||||
int handshake_failure = 0;
|
int handshake_failure = 0;
|
||||||
const int *ciphersuites;
|
const int *ciphersuites;
|
||||||
const ssl_ciphersuite_t *ciphersuite_info;
|
const ssl_ciphersuite_t *ciphersuite_info;
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
pk_type_t pk_alg;
|
pk_type_t pk_alg;
|
||||||
|
#endif
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
|
SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
|
||||||
|
|
||||||
|
|
@ -1301,11 +1303,13 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
||||||
|
|
||||||
/* If ciphersuite requires us to have a private key of a
|
/* If ciphersuite requires us to have a private key of a
|
||||||
* certain type, make sure we do */
|
* certain type, make sure we do */
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
|
pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
|
||||||
if( pk_alg != POLARSSL_PK_NONE &&
|
if( pk_alg != POLARSSL_PK_NONE &&
|
||||||
( ssl->pk_key == NULL ||
|
( ssl->pk_key == NULL ||
|
||||||
! pk_can_do( ssl->pk_key, pk_alg ) ) )
|
! pk_can_do( ssl->pk_key, pk_alg ) ) )
|
||||||
continue;
|
continue;
|
||||||
|
#endif
|
||||||
|
|
||||||
goto have_ciphersuite;
|
goto have_ciphersuite;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4188,11 +4188,13 @@ void ssl_free( ssl_context *ssl )
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
if( ssl->pk_key_own_alloc )
|
if( ssl->pk_key_own_alloc )
|
||||||
{
|
{
|
||||||
pk_free( ssl->pk_key );
|
pk_free( ssl->pk_key );
|
||||||
polarssl_free( ssl->pk_key );
|
polarssl_free( ssl->pk_key );
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
|
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
|
||||||
if( ssl_hw_record_finish != NULL )
|
if( ssl_hw_record_finish != NULL )
|
||||||
|
|
@ -4208,8 +4210,9 @@ void ssl_free( ssl_context *ssl )
|
||||||
memset( ssl, 0, sizeof( ssl_context ) );
|
memset( ssl, 0, sizeof( ssl_context ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_C)
|
||||||
/*
|
/*
|
||||||
* Get the SSL_SIG_* constant corresponding to a public key
|
* Convert between POLARSSL_PK_XXX and SSL_SIG_XXX
|
||||||
*/
|
*/
|
||||||
unsigned char ssl_sig_from_pk( pk_context *pk )
|
unsigned char ssl_sig_from_pk( pk_context *pk )
|
||||||
{
|
{
|
||||||
|
|
@ -4240,7 +4243,11 @@ pk_type_t ssl_pk_alg_from_sig( unsigned char sig )
|
||||||
return( POLARSSL_PK_NONE );
|
return( POLARSSL_PK_NONE );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Convert between SSL_HASH_XXX and POLARSSL_MD_XXX
|
||||||
|
*/
|
||||||
md_type_t ssl_md_alg_from_hash( unsigned char hash )
|
md_type_t ssl_md_alg_from_hash( unsigned char hash )
|
||||||
{
|
{
|
||||||
switch( hash )
|
switch( hash )
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue